


Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
My experience with the pricing or licensing of Cloudflare Web Application Firewall is that many features can be accessed for free, so the pricing is definitely reasonable.
Barracuda WAF-as-a-Service has positively impacted our organization by reducing cyber threats like ransomware and phishing by ninety-five percent.
For us, the biggest value comes from improved security and the reduced workload on the team, which makes the investment feel justified.
From an ROI and impact perspective, there is a 20 to 35% reduction in day-to-day administrative effort.
I would rate the technical support with Cloudflare as excellent every time I've had to contact them.
The technical support of Cloudflare Web Application Firewall rates between five and seven at maximum.
We had an incident requiring direct support, and the representatives were really helpful, resolving our query within forty-five minutes.
The engineers were helpful and knowledgeable, and we were able to get the guidance we needed.
I would rate Barracuda WAF-as-a-Service customer support as a nine on a scale of one to ten.
The company provides technical support, and they are mostly available 24/7.
The proximity of Fortinet with customers ensures quick issue resolution.
Sometimes it could be faster, but generally, their support is reliable.
The scalability of Cloudflare Web Application Firewall rates between 8 to 9, as it depends upon the use cases and what exactly the client needs.
Scalability is good for Barracuda WAF-as-a-Service; we can scale up or down based on our needs.
As our needs have grown and we have added more applications, it has handled this expansion without creating extra management overhead.
It auto checks everything, and you need to install the certificate.
In my experience, Fortinet FortiWeb Cloud WAF-as-a-Service's scalability is quite good, and I would rate it at eight point five out of ten.
We are purchasing Fortinet FortiWeb Cloud WAF-as-a-Service from the distributor side, who have provided support and a price discount.
The stability of Cloudflare Web Application Firewall deserves a perfect 10 out of 10.
We have not faced any downtime, crashes, or lag.
Barracuda WAF-as-a-Service is extremely accurate in detection and reporting, and I find very few false positives.
Barracuda WAF-as-a-Service has been stable in our experience, and we have not faced any major downtime or service-impacting issues.
The stability of the solution is excellent.
The product can improve by having more multitenancy capability, which is currently not available.
I think they're doing a good job with DNS and as support for any domains that I create or that my clients create, it's mandatory for me to ensure they have Cloudflare as their DNS provider.
And maybe something similar to Pushpin that Fastly has, which is an option where you can push messages that then can be scaled globally over the network.
The ROI they have given us is tremendous, and they are doing really well in terms of product, scalability, and service.
Modernizing the UI further, simplifying packaging and licensing clarity, enhancing the executive reporting and risk dashboard, and expanding broader cloud-native integration would be beneficial improvements.
There is one issue regarding local data storage, as they do not have that capability, and we are storing the data in another foreign country, which is against the law.
Fortinet FortiWeb Cloud WAF-as-a-Service could be improved with better logging capabilities, as many come with less spacing, necessitating a FortiSIM for enhanced functionality.
The utilization of AI in Fortinet FortiWeb Cloud WAF-as-a-Service still needs to be upgraded and improved.
I want them to provide SAML authentication.
This system allows us to pay only for what we use, saving a lot of money, so I give it a ten out of ten as it is both a money and time saver for the organization.
Barracuda service is customizable but external references note that licensing and cost planning can become complex.
While it may not be the cheapest solution available, we believe the security, ease of management, and operational benefits provide good value for the investment.
It is twice cheaper.
I just recommend Fortinet FortiWeb Cloud WAF-as-a-Service because it is very expensive.
The price is not the cheapest, but it offers great value for money.
The custom rules and the geo-redundant geographical rule feature, which allows me to implement geographical rules for customers, add significant value.
The best features of Cloudflare Web Application Firewall are multiple, including the WAF, rate limiter, and bot attack protection.
Cloudflare Web Application Firewall's advanced reporting and analytics tools add a layer that we're able to visualize and see before it actually hits the local firewall.
The centralized dashboard is helping us streamline visibility across our admin panels and provides site-to-site visibility deployed directly to our AWS environment, securing VPC traffic and ensuring the firewall is in place.
One of the strongest points is the speed of deployment, which features a three-step deployment wizard, pre-built templates, and quick onboarding, making it suitable for teams that want protection fast without complex infrastructure setup.
I particularly appreciate its ability to automatically detect and block common web attacks such as SQL injection, XSS, and bot-based threats without requiring manual intervention.
It is possible to easily find vulnerabilities with the WAF.
It effectively mitigates web attacks, provides virtual protections, and handles large traffic with minimal processing effort.
Its usability is a key aspect as it is very easy to use and deploy in front of new APIs.
| Product | Mindshare (%) |
|---|---|
| Cloudflare Web Application Firewall | 4.0% |
| Barracuda WAF-as-a-Service | 0.9% |
| Fortinet FortiWeb Cloud WAF-as-a-Service | 0.8% |
| Other | 94.3% |


| Company Size | Count |
|---|---|
| Small Business | 16 |
| Midsize Enterprise | 6 |
| Large Enterprise | 6 |
| Company Size | Count |
|---|---|
| Small Business | 13 |
| Midsize Enterprise | 2 |
| Large Enterprise | 6 |
| Company Size | Count |
|---|---|
| Small Business | 5 |
| Midsize Enterprise | 2 |
| Large Enterprise | 5 |
Cloudflare Web Application Firewall integrates DDoS protection, load balancing, and firewall capabilities. Its ease of use, configurability, and robust security measures make it a versatile choice for protecting web applications.
Cloudflare Web Application Firewall provides a comprehensive defense against threats with advanced reporting and robust security measures. It includes DNS integration, rate limiting, and extensive rule sets, all within a SaaS model that allows API configurability. Users value its caching, scalability, and pricing, although enhancements are needed in rate-limiting and third-party integration. Improvements in customer support, especially in India, real-time controls, and user documentation are also desired. Users seek a more intuitive dashboard, better log management, and improved alert systems, along with multitenancy capabilities and enhanced reporting.
What are the key features of Cloudflare Web Application Firewall?Cloudflare Web Application Firewall finds application in industries like banking and retail by acting as a comprehensive security gateway, managing authentication and authorization while protecting web applications from malicious Layer 7 traffic. It also implements load balancing, CDN, and zero-trust policies, supported by advanced reporting, analytics tools, and threat scoring to meet specific industry needs.
Barracuda WAF-as-a-Service streamlines cloud security with features like automatic updates, real-time detection, and bot protection. It enhances AWS environments with simplified management and threat intelligence.
Barracuda WAF-as-a-Service provides robust application security, leveraging automatic security updates and real-time attack detection to defend against threats. Its centralized dashboard offers an intuitive management experience, complemented by automated policies. Real-time threat intelligence, application control, and VPN support contribute to its security efficacy. Its capabilities to detect and prevent DDoS, application, and unknown OS attacks ensure comprehensive protection. Although licensing complexity, high costs, stability concerns, and regional compliance issues pose challenges, it effectively secures websites and email systems against malware, phishing, and ransomware, and simplifies cloud migration.
What are the key features of Barracuda WAF-as-a-Service?In industries like e-commerce and finance, Barracuda WAF-as-a-Service is implemented for its effectiveness in securing cloud-based applications while reducing the need for on-premises equipment. Its strength in protecting both websites and email systems makes it a preferred choice for businesses migrating to cloud solutions.
Fortinet FortiWeb Cloud WAF-as-a-Service provides cloud-based web application protection, ensuring businesses secure their web apps against threats without hardware management, offering dynamic scalability and threat intelligence.
Fortinet FortiWeb Cloud WAF-as-a-Service offers an advanced security platform that effectively protects web applications from cyber threats by leveraging comprehensive threat intelligence and efficient traffic management. Its cloud-native architecture facilitates seamless integration, allowing for scalable security solutions that adapt to varying demand levels. Known for reducing complexity, it empowers organizations to focus on strategic initiatives without the need for dedicated on-premise resources. The service also provides robust analytics, enabling informed decision-making based on real-time threat landscapes.
What are the key features?In industries such as finance and e-commerce where sensitive data protection is paramount, Fortinet FortiWeb Cloud WAF-as-a-Service is extensively implemented to secure web applications against potential vulnerabilities. It ensures compliance with stringent regulatory standards and protects consumer information, thus maintaining trust and brand reputation. Healthcare providers leverage it to protect patient records, a sector that demands the utmost security and confidentiality.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.